Logo Menu

Auditors

Best SOC 2 AuditorsAll SOC 2 Auditors
By Industry
SaaSStartupsAI CompaniesHealthcareFinTechMSPsGovernment Contractors
By Country
πŸ‡ΊπŸ‡Έ United StatesπŸ‡¬πŸ‡§ United KingdomπŸ‡¨πŸ‡¦ CanadaπŸ‡¦πŸ‡Ί AustraliaπŸ‡©πŸ‡ͺ GermanySOC 2 Auditors Near Me
By Platform
Vanta AuditorsDrata AuditorsSecureframe AuditorsSprinto Auditors
By Framework
SOC 2 + ISO 27001SOC 2 + HIPAAFedRAMP 3PAO + SOC 2CMMC C3PAO + SOC 2HITRUST + SOC 2PCI QSA + SOC 2
By Audit Type
SOC 2 Type 1SOC 2 Type 2

Get Ready

SOC 2 Readiness Assessment

Compare service firms

SOC 2 Readiness FirmsPenetration Testing FirmsvCISO FirmsISO 27001 ConsultantsCompliance ConsultantsAll Service Firms

Software

SOC 2 Compliance SoftwareTool Reviews & Comparisons

Platform reviews

Vanta ReviewDrata ReviewSecureframe ReviewSprinto ReviewThoropass Review

Learn

SOC 2 InsightsSOC 2 Buyer Guides
Browse by topic
SOC 2 BasicsAudit PreparationCost & TimelineFramework ComparisonsSOC 2 by IndustryAuditor Selection
Start here
What is SOC 2?SOC 2 Audit CostHow to Choose an Auditor
Reference
Compliance FrameworksMethodology

Free Tools

Find My SOC 2 AuditorSOC 2 Readiness AssessmentSOC 2 Cost CalculatorSOC 2 Timeline CalculatorSOC 2 vs ISO 27001

Trail of Bits

Verified Penetration testing New York, NY, USA

By Peter Korpak / Reviewed against our methodology / Last verified / Work at Trail of Bits? Claim this listing β†’

Trail of Bits is a SOC 2 support firm in New York, NY, USA providing penetration testing, founded in 2012. Engineering-led and high-assurance organizations that need deep security audits of code, cryptography, blockchain, and complex systems, well beyond a standard pentest.

Services
Penetration testing
Headquarters
New York, NY
Pricing
On request
Engagement
Hands-on implementation
Get my 3 quotes

Free. Side-by-side on price, timeline, and fit. Pick one firm. Have one call.

Who should hire Trail of Bits?

Engineering-led and high-assurance organizations that need deep security audits of code, cryptography, blockchain, and complex systems, well beyond a standard pentest.

What makes Trail of Bits different?

A research-driven security firm (clients from Meta to DARPA) known for foundational open-source tooling and deep expertise in reverse engineering, cryptography, and exploitation.

Focus areas
Software security auditsCryptography reviewBlockchain and smart-contract securityReverse engineeringApplication security

Pricing: Trail of Bits does not publish a standard price. Pricing depends on scope, environment, and engagement model β€” request a quote to get a current figure.

Links
Website β†— LinkedIn β†—
Buyer questions

Trail of Bits FAQ

Answers templated from this firm's directory record and preserved in FAQPage schema.

What does Trail of Bits do for SOC 2?

Trail of Bits is a SOC 2 support firm providing penetration testing. It does not issue the SOC 2 report itself; an independent CPA firm attests. Engineering-led and high-assurance organizations that need deep security audits of code, cryptography, blockchain, and complex systems, well beyond a standard pentest.

Where is Trail of Bits based?

Trail of Bits is based in New York, NY, USA, and supports SOC 2 work remotely. The firm has operated since 2012.

Does Trail of Bits publish pricing?

Trail of Bits does not publish a standard price. Pricing for penetration testing work depends on scope, environment, and engagement model, so request a quote to get a current figure.

Quote

Compare Trail of Bits with the right-fit firms

Tell us your scope and SOC 2 timeline. We send it to Trail of Bits and a couple of other firms that fit, and they reply with a ballpark. Anonymous until you pick.

Run a firm? Claim or feature this listing. Placement never reorders matching β€” fit comes first.

We email you the quotes. Auditors don't see your details until you pick.

Add more detail readiness, scope, platform

No sales calls until you pick a firm.

Read by a human. Three quotes in 48 hours.